Skip to content

Commit 58971f9

Browse files
committed
Switch qualified name to available CollectionType
1 parent 520ba47 commit 58971f9

1 file changed

Lines changed: 1 addition & 4 deletions

File tree

java/ql/src/Security/CWE/CWE-346/UnvalidatedCors.ql

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,7 @@ private predicate setsAllowCredentials(MethodAccess header) {
3131
class CorsProbableCheckAccess extends MethodAccess {
3232
CorsProbableCheckAccess() {
3333
getMethod().hasName("contains") and
34-
getMethod()
35-
.getDeclaringType()
36-
.getASourceSupertype*()
37-
.hasQualifiedName("java.util", "Collection")
34+
getMethod().getDeclaringType().getASourceSupertype*() instanceof CollectionType
3835
or
3936
getMethod().hasName("equals") and
4037
getQualifier().getType() instanceof TypeString

0 commit comments

Comments
 (0)